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We claim: 

1 . A method for authenticating a user, comprising: 

obtaining an asserted identity of said user; 
5 obtaining a random subset of questions that said user has previously answered 

with a customer verification server; and 

presenting one or more questions to said user from said random subset of 
questions until a predefined security threshold is satisfied. 

10 2. The method of claim 1, wherein said user is directed to said customer verification 

server during an enrollment phase. 

3. The method of claim 1, wherein said user verification server instructs said user to 
select and answer a number of questions that will be used for verification. 

15 

4. The method of claim 3, further comprising the step of storing said selected 
questions at said user's location. 

5. The method of claim 3, further comprising the step of storing said selected 
20 questions at said customer verification server. 

6. The method of claim 3, wherein said obtaining step further comprises the step of 
receiving an indication of said selected questions from said customer verification server. 

25 7. The method of claim 6, wherein said obtaining step further comprises the step of 

obtaining answers from said user for said selected questions. 

8. The method of claim 1, wherein said presenting step is performed by an 

authentication module. 
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9. The method of claim 8, wherein said authentication module obtains answers to 
said presented questions from said user. 

10. The method of claim 1, wherein said predefined security threshold is based on a 
5 sum of security weights of correctly answered questions. 

11. The method of claim 1, wherein one or more of said questions are directed to an 
opinion of said user. 

10 12. The method of claim 1, wherein one or more of said questions are directed to a 

trivial fact. 

13. The method of claim 1, wherein one or more of said questions are directed to an 
indirect fact. 

15 

14. The method of claim 1, further comprising the step of presenting said user with a 
larger pool of potential questions for selection of one or more questions to answer. 

15. The method of claim 14, further comprising the step of ensuring that said 
20 questions selected by said user meet predefined criteria for topic distribution. 

16. The method of claim 1, further comprising the step of ensuring that answers to 
user selected questions cannot be qualitatively correlated with said user. 

25 17. The method of claim 1, further comprising the step of ensuring that answers to 

user selected questions cannot be quantitatively correlated with said user. 

18. The method of claim 1, wherein said questions from said random subset of 

questions are presented to said user in a random order. 
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19. The method of claim 1, wherein said questions are presented to said user in the 
form of an index identifying each question. 

20. The method of claim 1 , wherein said user responds to said questions by returning 
5 an index identifying each answer. 

21. The method of claim 20, wherein said index identifying each answer can be 
aggregated to form a password. 

10 22. The method of claim 20, wherein a portion of each answer can be aggregated to 

form a password. 

23. The method of claim 1 , further comprising the step of storing an indication of said 
subset of questions on a device or wallet card or piece of paper associated with said user. 

24. An apparatus for authenticating a user, comprising: 
a memory; and 

at least one processor, coupled to the memory, operative to: 
obtain an asserted identity of said user; 

obtain a random subset of questions that said user has previously answered with a 
customer verification server; and 

present one or more questions to said user from said random subset of questions 
until a predefined security threshold is satisfied. 

25 25. The apparatus of claim 24, wherein said user is directed to said customer 

verification server during an enrollment phase. 

26. The apparatus of claim 24, wherein said customer verification server instructs 

said user to select and answer a number of questions that will be used for verification. 
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27. The apparatus of claim 26, wherein said processor is further configured to store 
said selected questions at said user's location. 

28. The apparatus of claim 26, wherein said processor is further configured to store 
5 said selected questions at said customer verification server. 

29. The apparatus of claim 26, wherein said obtaining step further comprises the step 
of receiving an indication of said selected questions from said customer verification server. 

10 30. The apparatus of claim 24, wherein said presenting step is performed by an 

authentication module. 

3 1 . The apparatus of claim 24, wherein said processor is further configured to ensure 
that questions selected by said user meet predefined criteria for topic distribution. 

15 

32. The apparatus of claim 24, wherein said processor is further configured to ensure 
that answers to user selected questions cannot be qualitatively correlated with said user. 

33. The apparatus of claim 24, wherein said processor is further configured to ensure 
20 that answers to user selected questions cannot be quantitatively correlated with said user. 

34. The apparatus of claim 24, wherein said questions from said random subset of 
questions are presented to said user in a random order. 

25 35. The apparatus of claim 24, wherein said questions are presented to said user in the 

form of an index identifying each question. 

36. The apparatus of claim 24, wherein answers to said questions are received from 

said user in the form of an index identifying each answer. 
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37. The apparatus of claim 36, wherein said index identifying each answer can be 
aggregated to form a password. 

38. The apparatus of claim 36, wherein a portion of each answer can be aggregated to 
5 form a password. 

39. An article of manufacture for authenticating a user, comprising a machine 
readable medium containing one or more programs which when executed implement the steps 
of: 

10 obtaining an asserted identity of said user; 

obtaining a random subset of questions that said user has previously answered 
with a customer verification server; and 

presenting one or more questions to said user from said random subset of 
questions until a predefined security threshold is satisfied. 
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